Summary: Discusses architecture reliability to avoid single points of failure that cause critical applications to fail, and to reduce events that can lead to significant economic losses and corporate branding in the event of catastrophic errors. Here are some storage and network diagnostics issues and I need to list the top ten apps in the company. Note that you ask questions that are related to all programs, while others only need to be relevant to a given domain. I intend to focus on the storage and http://www.aliyun.com/zixun/aggregation/11108.html of the top 10 applications, "> Network products."
How do you know that cloud providers provide the right Network service architecture? Gregory Machler raised these questions.
Written by senior manager Gregory Machler on July 18, 2011 3:38 P.M. Eastern Time: "I have been an architect of a number of complex applications, and I am very concerned about the risk of building assessment for public/private cloud applications." Traditional risk assessments focus on access to external/internal confidential information, such as Social Security numbers, credit card numbers, and bank ATM PIN codes. Gaining control over network protection is important because they can suppress risk. ”
I'm interested in something a little different, I call it the reliability of the architecture. The goal is to avoid a single point of failure that causes critical applications to fail, and to reduce events that can lead to huge economic losses and damage to the corporate brand, without catastrophic errors. So where should I start to save the structure? Here are some storage and network diagnostics issues, and I need to list the top ten apps in the company. Note that you ask questions that are related to all programs, while others only need to be relevant to a given domain. I'm going to focus on the storage and networking product areas that support the top 10 applications.
For all application storage architectures
Does only one SAN vendor store all applications?
How do I handle duplicate data deletion?
Do all applications have only one San switch vendor?
Is the vendor using just one data copy?
Do all applications have only one cryptographic vendor for data encryption?
What encryption algorithm is used for the given cryptographic tool?
Does the vendor use only one PKI to manage certificates?
Where is the rest of the relevant data certificate encryption stored?
820.html "> Storage architecture for each application
What storage subsystem does the application run on?
Are other applications running on the same subsystem?
Can the data on the storage subsystem also be replicated elsewhere? Or is this just the only copy?
How do you meet the needs of a given application to handle more data storage?
How are SAN switches used for linking to storage subsystems?
What network components are used to replicate from one data center to another remote data center to SAN data?
What application performs data replication?
What is the release of software versions and data replication applications?
Which cryptographic vendor is used to encrypt confidential data on a given storage subsystem?
Is the storage encryption tool running on a SAN shared with other applications?
Does the leak of encrypted data affect multiple applications or just one application?
What is a PKI vendor used for?
What version and release are PKI software calls?
Network Architecture for all applications
Is there only one switch or router vendor?
Is there only one firewall vendor?
Is there only one intrusion prevention system/Intrusion Detection System (IPS) provider?
Is there only one load balancer vendor?
Is there only one telecommunications provider serving the Internet and/or WAN (WAN)?
Network architecture for each application
Which switch/router is used in the data center?
What type of switch/router is used?
are switches/routers redundant in architectural design?
What version of embedded software and hardware models are used in switch/router scheduling?
Which manufacturer's firewall is used?
What type of firewall is deployed in the data center?
Is the number of firewall deployment permutations limited? (Embedded operating system version, hardware model, function)?
What intrusion prevention/detection products are deployed?
Which manufacturer's intrusion prevention/detection products are used?
How are the IPs deployed in the datacenter arranged?
What version of the IPs software is deployed?
Which vendor's load balancer is used?
What type of load balancer is used?
What is the version of the embedded software and hardware model of the load balancer?
Do they use it to control traffic between different data centers around the world?
Is load balancing redundant? Can one of them replace the other at once?
Which telecommunications service providers are used in Internet access devices?
What wide area network of telecom providers are used for traffic between data centers?
What wide area network telecommunications providers are used for communication between offices and data centers?
Are telecommunications equipment redundant?
is the underground telecommunications fiber independent in physics?
These issues cover many important issues in storage and network diagnostics. I'm sure I still haven't summed it up completely, but this should give some of the features of the infrastructure cloud used by critical Web applications. These questions give us some insight into whether a given product has a problem or not that affects multiple applications. It helps companies design and adapt structures to create redundancy in all products where possible. The failure of a given product is then not cascaded to multiple critical applications. It is highly likely that a significant portion of the cost is saved by accurately predicting and responding to failures during construction, and by delaying the downtime of expensive cloud services due to failure.
The question of whether to select only one vendor for a given type of product reveals a potential enterprise weakness, and if the hardware/software version of a particular product has a flaw that can only occur under pressure, then a full reliance on one vendor can cause a major failure. Then, all cloud applications that use the product will have a negative impact. Other questions dealt with the congestion I had described. Multiple applications share the same component (storage subsystem, server, or firewall). The failure of the product also affects all of these applications.
To sum up, this article talked about the reliability of the building. It addresses a set of issues focused on storage areas, data encryption as well as and network domains. The cost of the product is much cheaper than the cost of application downtime during construction. Deploying more product vendors must be aligned with the need and functionality to limit the balance of products, and then the implementation of the disaster recovery scenario can be tested. See other chapters of my article. I will also talk about designing cloud diagnostics in future articles.
(Responsible editor: admin)